authorManjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>2018-08-17 16:19:18 -0700
committerManjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>2018-08-17 16:29:05 -0700
commit572150672972e58d3e2b2f21e5dfd3004bce6b68 (patch)
treec16bca53ef9542cc043bb0fcaee326b6b4481c0d
parent4455ce1788d419483b6561de5c83508b146aaa51 (diff)
Copy out encrypted private key selectively
Encrypt and copy out the private key only when no TPM hosts are present. Change-Id: I34fbcf65e61c4e6803f594ffe1c527c9afd8f184 Issue-ID: AAF-376 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
-rwxr-xr-xbin/distcenter/entrypoint.sh39
1 files changed, 22 insertions, 17 deletions
diff --git a/bin/distcenter/entrypoint.sh b/bin/distcenter/entrypoint.sh
index 25cefd6..6aac3ca 100755
--- a/bin/distcenter/entrypoint.sh
+++ b/bin/distcenter/entrypoint.sh
@@ -2,22 +2,27 @@
set -e
cd /distcenter
/distcenter/bin/create_ca.sh
-cd /distcenter/ca
-cat /distcenter/passphrase/passphrase | gpg --no-tty --symmetric -z 9 --require-secmem \
- --cipher-algo AES256 --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 \
- --s2k-mode 3 --s2k-count 65000000 --compress-algo BZIP2 \
- --passphrase-fd 0 privkey.pem
-cp /distcenter/ca/privkey.pem.gpg /distcenter/data
-cp /distcenter/ca/ca.cert /distcenter/data
cd /distcenter/data
-DLIST=`ls -d host_*`
-#Iterate over all hosts (host in k8s corresponds node)
-for DIR in $DLIST; do
- echo $DIR
- cp /distcenter/ca/ca.cert /distcenter/data/$DIR
- cd /distcenter/data/$DIR
- /dup/bin/ossl_tpm_duplicate -pemfile /distcenter/ca/privkey.pem -parentPub \
- /distcenter/data/$DIR/out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed \
- dupSymseed -dupEncKey dupEncKey
-done
+DCOUNT=$(ls -d host_* 2> /dev/null | wc -l)
+if [ "$DCOUNT" != "0" ]
+then
+ DLIST=`ls -d host_*`
+ #Iterate over all hosts (host in k8s corresponds node)
+ for DIR in $DLIST; do
+ echo $DIR
+ cp /distcenter/ca/ca.cert /distcenter/data/$DIR
+ cd /distcenter/data/$DIR
+ /dup/bin/ossl_tpm_duplicate -pemfile /distcenter/ca/privkey.pem -parentPub \
+ /distcenter/data/$DIR/out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed \
+ dupSymseed -dupEncKey dupEncKey
+ done
+else
+ cd /distcenter/ca
+ cat /distcenter/passphrase/passphrase | gpg --no-tty --symmetric -z 9 --require-secmem \
+ --cipher-algo AES256 --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 \
+ --s2k-mode 3 --s2k-count 65000000 --compress-algo BZIP2 \
+ --passphrase-fd 0 privkey.pem
+ cp /distcenter/ca/privkey.pem.gpg /distcenter/data
+ cp /distcenter/ca/ca.cert /distcenter/data
+fi
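Review bot: The choice between exporting the CA key as TPM duplicates or as a passphrase-encrypted file rests on `ls -d host_* 2> /dev/null | wc -l`, which counts any entry named host_* (not only directories) and hides every `ls` error; the loop then word-splits `$DLIST` and expands `$DIR` unquoted. A stray regular file matching host_* would select the TPM branch, the `cd` would abort under `set -e`, and no key material would be produced for anyone. A single glob loop over directories, with a flag that triggers the fallback, removes the double `ls` and the unquoted expansions. Separately, in the else branch the plaintext privkey.pem appears to remain in /distcenter/ca after gpg writes privkey.pem.gpg; it is worth confirming that directory is never on a shared or persistent volume, which the hunk does not show.

```shell
found_host=0
# Iterate over all hosts (a host in k8s corresponds to a node)
for HOSTDIR in /distcenter/data/host_*/; do
  [ -d "$HOSTDIR" ] || continue   # an unmatched glob stays literal; skip it
  found_host=1
  printf '%s\n' "$HOSTDIR"
  cp /distcenter/ca/ca.cert "$HOSTDIR"
  cd "$HOSTDIR"
  # … unchanged: ossl_tpm_duplicate call, with -parentPub "${HOSTDIR}out_parent_public" …
done
if [ "$found_host" -eq 0 ]; then
  # … unchanged: gpg symmetric encryption, copy-out of privkey.pem.gpg and ca.cert …
fi
```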